authorSam Hartman <hartmans@mit.edu>2003-06-05 20:14:11 +0000
committerSam Hartman <hartmans@mit.edu>2003-06-05 20:14:11 +0000
commit26b8d31d5b0f2445be9c778219c66d747e6a45ce (patch)
tree7c05f2c54f0b18c9751ce059d9c660cd242399fa /src
parent3f5671aa36f6a9077018f1919843e5203a165c2d (diff)
If krb5_c_string_to_key is
called with an afs3 salt length for a non-DES enctype, return KRB5_CRYPTO_INTERNAL. Ticket: 1521 Status: open Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15576 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
-rw-r--r--src/lib/crypto/ChangeLog5
-rw-r--r--src/lib/crypto/string_to_key.c14
2 files changed, 19 insertions, 0 deletions
diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog
index d963e5fdb2..e15663a07d 100644
--- a/src/lib/crypto/ChangeLog
+++ b/src/lib/crypto/ChangeLog
@@ -1,3 +1,8 @@
+2003-06-05 Sam Hartman <hartmans@mit.edu>
+
+ * string_to_key.c (krb5_c_string_to_key_with_params): Only allow
+ AFS s2k for DES enctypes
+
2003-05-15 Sam Hartman <hartmans@mit.edu>
* combine_keys.c (enctype_ok): new function to determine if we support combine_keys for a particular enctype
diff --git a/src/lib/crypto/string_to_key.c b/src/lib/crypto/string_to_key.c
index 3bd7a4e730..412583185b 100644
--- a/src/lib/crypto/string_to_key.c
+++ b/src/lib/crypto/string_to_key.c
@@ -71,7 +71,21 @@ krb5_c_string_to_key_with_params(context, enctype, string, salt, params, key)
return(KRB5_BAD_ENCTYPE);
enc = krb5_enctypes_list[i].enc;
+/* xxx AFS string2key function is indicated by a special length in
+ * the salt in much of the code. However only the DES enctypes can
+ * deal with this. Using s2kparams would be a much better solution.*/
+ if (salt && salt->length == SALT_TYPE_AFS_LENGTH) {
+ switch (enctype) {
+ case ENCTYPE_DES_CBC_CRC:
+ case ENCTYPE_DES_CBC_MD4:
+ case ENCTYPE_DES_CBC_MD5:
+ break;
+ default:
+ return (KRB5_CRYPTO_INTERNAL);
+ }
+ }
+
(*(enc->keysize))(&keybytes, &keylength);
if ((key->contents = (krb5_octet *) malloc(keylength)) == NULL)
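Review bot: The comment added above the `salt->length == SALT_TYPE_AFS_LENGTH` check says only the DES enctypes can handle the AFS marker, but not what the check protects against, and its `xxx` prefix reads as a leftover. Because the length field doubles as an in-band sentinel, presumably a non-DES string-to-key routine reached later in this function would treat it as a real byte count for the salt data; stating that makes clear this is a bounds safeguard that must stay ahead of the dispatch. I would reword it along the lines of `/* AFS string-to-key is signalled in-band by salt->length == SALT_TYPE_AFS_LENGTH; only the DES routines interpret it, so reject it for every other enctype before the length is used as a byte count. */`. The enctype allow-list in the `switch` is hard-coded, so the comment should also say it needs updating if another enctype gains AFS support. The function body begins and ends outside this hunk.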